<?php 

class wechatCallbackapi
{

    //验证服务器url地址。修改配置信息时需验证，成功后不再需要验证。
	public function valid()
    {
        $echoStr = $_GET["echostr"];

        //valid signature , option
        if($this->checkSignature()){
        	echo $echoStr;
        	exit;
        }
    }



    private function checkSignature()
	{

		// $fp=fopen("log.txt","w+");
		$strText='http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']."\r\n";
		// fwrite($fp,$strText);

		print_log($strText);

        $token = getConfig('weixin_token');//TOKEN;

        if(empty($token)){

            throw new Exception('TOKEN is not defined!');
        }
        
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];

		$tmpArr = array($token, $timestamp, $nonce);
        // use SORT_STRING rule
		sort($tmpArr, SORT_STRING);
		$tmpStr = implode( $tmpArr );
		$tmpStr = sha1( $tmpStr );
		
		if( $tmpStr == $signature ){
			return true;
		}else{
			return false;
		}
	}

}

